CVE-2024-26749 | Linux Kernel up to 6.7.6 cdns3 cdns3_gadget_ep_disable use after free

Posted by Angelo Barbosa | Apr 3, 2024 | CVE

A vulnerability was found in Linux Kernel up to 6.7.6. It has been declared as problematic. This vulnerability affects the function cdns3_gadget_ep_disable of the component cdns3. The manipulation leads to use after free.

This vulnerability was named CVE-2024-26749. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-26749 | Linux Kernel up to 6.7.6 cdns3 cdns3_gadget_ep_disable use after free

Related Posts

CVE-2024-4557 | GitLab Community Edition/Enterprise Edition up to 16.11.4/17.0.2/17.1.0 Banzai Pipeline resource consumption (Issue 460517)

CVE-2023-48376 | SmartStar CWS Web-Base 10.25 unrestricted upload

CVE-2024-5798 | HashiCorp Vault/Vault Enterprise JSON Web Token improper authorization

CVE-2024-4785 | zephyrproject-rtos Zephyr up to 3.6 LL_CONNECTION_UPDATE_IND Packet null pointer dereference (GHSA-xcr5-5g98-mchp)